Unrated severityNVD Advisory· Published Jun 23, 2015· Updated May 6, 2026
CVE-2015-2859
CVE-2015-2859
Description
Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected products
22cpe:2.3:a:mcafee:epolicy_orchestrator:4.0:*:*:*:*:*:*:*+ 21 more
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:4.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:5.1.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- kc.mcafee.com/corporate/indexnvdPatchVendor Advisory
- kc.mcafee.com/corporate/indexnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/264092nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/75020nvd
- www.securitytracker.com/id/1032571nvd
News mentions
0No linked articles in our index yet.